The Orion spacecraft after splashdown in the Pacific Ocean at the end of the Artemis I mission.
NASA has asked a panel of outside experts to review the agency’s investigation into the unexpected loss of material from the heat shield of the Orion spacecraft on a test flight in 2022.
Chunks of charred material cracked and chipped away from Orion’s heat shield during reentry at the end of the 25-day unpiloted Artemis I mission in December 2022. Engineers inspecting the capsule after the flight found more than 100 locations where the stresses of reentry stripped away pieces of the heat shield as temperatures built up to 5,000° Fahrenheit.
This was the most significant discovery on Artemis I, an unpiloted test flight that took the Orion capsule around the Moon for the first time. The next mission in NASA’s Artemis program, Artemis II, is scheduled for launch late next year on a test flight to send four astronauts around the far side of the Moon.
Another set of eyes
The heat shield, made of a material called Avcoat, is attached to the base of the Orion spacecraft in 186 blocks. Avcoat is designed to ablate, or erode, in a controlled manner during reentry. Instead, fragments fell off the heat shield that left cavities resembling potholes.
Investigators are still looking for the root cause of the heat shield problem. Since the Artemis I mission, engineers conducted sub-scale tests of the Orion heat shield in wind tunnels and high-temperature arcjet facilities. NASA has recreated the phenomenon observed on Artemis I in these ground tests, according to Rachel Kraft, an agency spokesperson.
“The team is currently synthesizing results from a variety of tests and analyses that inform the leading theory for what caused the issues,” said Rachel Kraft, a NASA spokesperson.
Last week, nearly a year and a half after the Artemis I flight, the public got its first look at the condition of the Orion heat shield with post-flight photos released in a report from NASA’s inspector general. Cameras aboard the Orion capsule also recorded pieces of the heat shield breaking off the spacecraft during reentry.
NASA’s inspector general said the char loss issue “creates a risk that the heat shield may not sufficiently protect the capsule’s systems and crew from the extreme heat of reentry on future missions.”
“Those pictures, we’ve seen them since they were taken, but more importantly… we saw it,” said Victor Glover, pilot of the Artemis II mission, in a recent interview with Ars. “More than any picture or report, I’ve seen that heat shield, and that really set the bit for how interested I was in the details.”
Ethan Zuckerman wants to release a tool that would allow Facebook users to control what appears in their newsfeeds. His privacy-friendly browser extension, Unfollow Everything 2.0, is designed to essentially give users a switch to turn the newsfeed on and off whenever they want, providing a way to eliminate or curate the feed.
Ethan Zuckerman, a professor at University of Massachusetts Amherst, is suing Meta to release a tool allowing Facebook users to “unfollow everything.” (Photo by Lorrie LeJeune)
The tool is nearly ready to be released, Zuckerman told Ars, but the University of Massachusetts Amherst associate professor is afraid that Facebook owner Meta might threaten legal action if he goes ahead. And his fears appear well-founded. In 2021, Meta sent a cease-and-desist letter to the creator of the original Unfollow Everything, Louis Barclay, leading that developer to shut down his tool after thousands of Facebook users had eagerly downloaded it.
Zuckerman is suing Meta, asking a US district court in California to invalidate Meta’s past arguments against developers like Barclay and rule that Meta would have no grounds to sue if he released his tool.
Zuckerman insists that he’s “suing Facebook to make it better.” In picking this unusual legal fight with Meta, the professor—seemingly for the first time ever—is attempting to tip Section 230’s shield away from Big Tech and instead protect third-party developers from giant social media platforms.
To do this, Zuckerman is asking the court to consider a novel Section 230 argument relating to an overlooked provision of the law that Zuckerman believes protects the development of third-party tools that allow users to curate their newsfeeds to avoid objectionable content. His complaint cited case law and argued:
Section 230(c)(2)(B) immunizes from legal liability “a provider of software or enabling tools that filter, screen, allow, or disallow content that the provider or user considers obscene, lewd, lascivious, filthy, excessively violent, harassing, or otherwise objectionable.” Through this provision, Congress intended to promote the development of filtering tools that enable users to curate their online experiences and avoid content they would rather not see.
Unfollow Everything 2.0 falls in this “safe harbor,” Zuckerman argues, partly because “the purpose of the tool is to allow users who find the newsfeed objectionable, or who find the specific sequencing of posts within their newsfeed objectionable, to effectively turn off the feed.”
Ramya Krishnan, a senior staff attorney at the Knight Institute who helped draft Zuckerman’s complaint, told Ars that some Facebook users are concerned that the newsfeed “prioritizes inflammatory and sensational speech,” and they “may not want to see that kind of content.” By turning off the feed, Facebook users could choose to use the platform the way it was originally designed, avoiding being served objectionable content by blanking the newsfeed and manually navigating to only the content they want to see.
“Users don’t have to accept Facebook as it’s given to them,” Krishnan said in a press release provided to Ars. “The same statute that immunizes Meta from liability for the speech of its users gives users the right to decide what they see on the platform.”
Zuckerman, who considers himself “old to the Internet,” uses Facebook daily and even reconnected with and began dating his now-wife on the platform. He has a “soft spot” in his heart for Facebook and still finds the platform useful to keep in touch with friends and family.
But while he’s “never been in the ‘burn it all down’ camp,” he has watched social media evolve to give users less control over their feeds and believes “that the dominance of a small number of social media companies tends to create the illusion that the business model adopted by them is inevitable,” his complaint said.
If you watched yesterday’s iPad-a-palooza event from Apple, then you probably saw the segment about cool new features coming to the iPad version of Logic Pro, Apple’s professional audio recording software. But what the event did not make clear was that all the same features are coming to the Mac version of Logic Pro—and both the Mac and iPad versions will get newly numbered. After many years, the Mac version of Logic Pro will upgrade from X (ten) to 11, while the much more recent iPad version increments to 2.
Both versions will be released on May 13, and both are free upgrades for existing users. (Sort of—iPad users have to pay a subscription fee to access Logic Pro, but if you already pay, you’ll get the upgrade. This led many people to speculate online that Apple would move the Mac version of Logic to a similar subscription model; thankfully, that is not the case. Yet.)
Both versions will gain an identical set of new features, which were touched on briefly in Apple’s event video. But thanks to a lengthy press release that Apple posted after the event, along with updates to Apple’s main Logic page, we now have a better sense of what these features are, what systems they require, and just how much Apple has gone all-in on AI. Also, we get some pictures.
One of Logic’s neat features is Drummer, a generative performer that can play in many different styles, can follow along with recorded tracks, and can throw in plenty of fills and other humanizing variations. For a tool that comes free with your digital audio workstation, it’s an amazing product, and it has received various quality-of-life improvements over the last decade, including producer kits that let you break out and control each individual percussion element. But what we haven’t seen in 10 years is new generative session players, especially for bass and keys.
The wait is over, though, because Apple is adding a bass and a keyboard player to Logic. The new Bass Player was “trained in collaboration with today’s best bass players, using advanced AI and sampling technologies,” Apple says. Logic will also come with Studio Bass, a set of six new instruments.
The Keyboard Player works similarly and gets a new Studio Piano plugin that provides features commonly found in paid virtual instruments (multiple mic positions, control over pedal and key noise, sympathetic resonance, and release samples). Apple says that Keyboard Player can handle everything from “simple block chords to chord voicing with extended harmony—with nearly endless variations.”
The new Drummer.
Keyboard Player.
Drummer’s secret to success is in just how easy it makes dialing in a basic drum pattern. Select the drummer who plays your style, pick a kit you like, and then pick a variation; after that, simply place a dot on a big trackpad-style display that balances complexity with volume, and you have something usable, complete with fills. Bass and Keyboard Players can’t work that way, of course, but Apple is bringing a feature seen in some other DAWs to Logic in order to power both new session players: Chord Track.
Researchers on Wednesday reported critical vulnerabilities in a widely used networking appliance that leaves some of the world’s biggest networks open to intrusion.
The vulnerabilities reside in BIG-IP Next Central Manager, a component in the latest generation of the BIG-IP line of appliances organizations use to manage traffic going into and out of their networks. Seattle-based F5, which sells the product, says its gear is used in 48 of the top 50 corporations as tracked by Fortune. F5 describes the Next Central Manager as a “single, centralized point of control” for managing entire fleets of BIG-IP appliances.
As devices performing load balancing, DDoS mitigation, and inspection and encryption of data entering and exiting large networks, BIG-IP gear sits at their perimeter and acts as a major pipeline to some of the most security-critical resources housed inside. Those characteristics have made BIG-IP appliances ideal for hacking. In 2021 and 2022, hackers actively compromised BIG-IP appliances by exploiting vulnerabilities carrying severity ratings of 9.8 out of 10.
On Wednesday, researchers from security firm Eclypsium reported finding what they said were five vulnerabilities in the latest version of BIG-IP. F5 has confirmed two of the vulnerabilities and released security updates that patch them. Eclypsium said three remaining vulnerabilities have gone unacknowledged, and it’s unclear if their fixes are included in the latest release. Whereas the exploited vulnerabilities from 2021 and 2022 affected older BIG-IP versions, the new ones reside in the latest version, known as BIG-IP Next. The severity of both vulnerabilities is rated as 7.5.
“BIG-IP Next marks a completely new incarnation of the BIG-IP product line touting improved security, management, and performance,” Eclypsium researchers wrote. “And this is why these new vulnerabilities are particularly significant—they not only affect the newest flagship of F5 code, they also affect the Central Manager at the heart of the system.”
The vulnerabilities allow attackers to gain full administrative control of a device and then create accounts on systems managed by the Central Manager. “These attacker-controlled accounts would not be visible from the Next Central Manager itself, enabling ongoing malicious persistence within the environment,” Eclypsium said. The researchers said they have no indication any of the vulnerabilities are under active exploitation.
Both of the fixed vulnerabilities can be exploited to extract password hashes or other sensitive data that allow for the compromise of administrative accounts on BIG-IP systems. F5 described one of them—tracked as CVE-2024-21793—as an Odata injection flaw, a class of vulnerability that allows attackers to inject malicious data into Odata queries. The other vulnerability, CVE-2024-26026, is an SQL injection flaw that can execute malicious SQL statements.
Eclypsium said it reported three additional vulnerabilities. One is an undocumented programming interface that allows for server-side request forgeries, a class of attack that gains access to sensitive internal resources that are supposed to be off-limits to outsiders. Another is the ability for unauthenticated administrators to reset their password even without knowing what it is. Attackers who gained control of an administrative account could exploit this last flaw to lock out all legitimate access to a vulnerable device.
The third is a configuration in the bcrypt password hashing algorithm that makes it possible to perform brute-force attacks against millions of passwords per second. The Open Web Application Security Project says that the bcrypt “work factor”—meaning the amount of resources required to convert plaintext into cryptographic hashes—should be set to a level no lower than 10. When Eclypsium performed its analysis, the Central Manager set it at six.
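A defender can check stored hashes for the low work factor described above, since bcrypt records its cost in the hash string itself (`$2b$06$...` means 2^6 rounds). The following is an added example, not code from Eclypsium or F5: the `account:hash` export format and the sample lines are constructed assumptions, and the minimum of 10 is the figure cited above.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Modular crypt format: $2<variant>$<2-digit cost>$<22-char salt><31-char digest>
BCRYPT_RE = re.compile(
    r"^\$(2[abxy]?)\$(\d{2})\$[./A-Za-z0-9]{22}[./A-Za-z0-9]{31}$"
)
MIN_COST = 10  # minimum work factor cited in the article


@dataclass
class Finding:
    account: str
    cost: Optional[int]      # None when the value is not a valid bcrypt hash
    status: str              # "ok", "weak" or "not-bcrypt"
    attacker_speedup: int    # guesses per unit time relative to MIN_COST


def parse_cost(hash_str: str) -> Optional[int]:
    """Return the bcrypt cost, or None if the string is not valid bcrypt."""
    m = BCRYPT_RE.match(hash_str.strip())
    if not m:
        return None
    cost = int(m.group(2))
    # bcrypt only defines costs 4..31; anything else is malformed.
    return cost if 4 <= cost <= 31 else None


def audit(lines, min_cost: int = MIN_COST):
    """Audit 'account:hash' lines (assumed export format) against min_cost."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        account, _, hash_str = line.partition(":")
        cost = parse_cost(hash_str)
        if cost is None:
            findings.append(Finding(account, None, "not-bcrypt", 1))
        elif cost < min_cost:
            # Work doubles per cost step, so each missing step halves
            # the attacker's effort per guess.
            findings.append(
                Finding(account, cost, "weak", 2 ** (min_cost - cost))
            )
        else:
            findings.append(Finding(account, cost, "ok", 1))
    return findings


def _constructed(variant: str, cost: int) -> str:
    """Build a syntactically valid but fake bcrypt string for the sample."""
    return f"${variant}${cost:02d}$" + "A" * 22 + "B" * 31


# Constructed sample input; none of these are real credentials.
SAMPLE = [
    "# account:hash",
    "admin:" + _constructed("2b", 6),
    "svc-backup:" + _constructed("2a", 12),
    "ops:" + _constructed("2y", 10),
    "legacy:$1$abcdefgh$" + "C" * 22,  # md5crypt-style, not bcrypt
]

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f.account:12} cost={f.cost} {f.status} x{f.attacker_speedup}")
```

A cost of six against a minimum of 10 gives an attacker 16 times as many guesses in the same time.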
Eclypsium researchers wrote:
The vulnerabilities we have found would allow an adversary to harness the power of Next Central Manager for malicious purposes. First, the management console of the Central Manager can be remotely exploited by any attacker able to access the administrative UI via CVE 2024-21793 or CVE 2024-26026. This would result in full administrative control of the manager itself. Attackers can then take advantage of the other vulnerabilities to create new accounts on any BIG-IP Next asset managed by the Central Manager. Notably, these new malicious accounts would not be visible from the Central Manager itself.
All 5 vulnerabilities were disclosed to F5 in one batch, but F5 only formally assigned CVEs to the 2 unauthenticated vulnerabilities. We have not confirmed if the other 3 were fixed at the time of publication.
F5 representatives didn’t immediately have a response to the report. Eclypsium went on to say:
These weaknesses can be used in a variety of potential attack paths. At a high level attackers can remotely exploit the UI to gain administrative control of the Central Manager. Change passwords for accounts on the Central Manager. But most importantly, attackers could create hidden accounts on any downstream device controlled by the Central Manager.
Eclypsium
The vulnerabilities are present in BIG-IP Next Central Manager versions 20.0.1 through 20.1.0. Version 20.2.0, released Wednesday, fixes the two acknowledged vulnerabilities. As noted earlier, it’s unknown if version 20.2.0 fixes the other behavior Eclypsium described.
“If they are fixed, it is +- okay-ish, considering the version with them will still be considered vulnerable to other things and need a fix,” Eclypsium researcher Vlad Babkin wrote in an email. “If not, the device has a long-term way for an authenticated attacker to keep their access forever, which will be problematic.”
A query using the Shodan search engine shows only three instances of vulnerable systems being exposed to the Internet.
Given the recent rash of active exploits targeting VPNs, firewalls, load balancers, and other devices positioned at the network edge, BIG-IP Central Manager users would do well to place a high priority on patching the vulnerabilities. The availability of proof-of-concept exploitation code in the Eclypsium disclosure further increases the likelihood of active attacks.
After reversing its position on remote work, Dell is reportedly implementing new tracking techniques on May 13 to ensure its workers are following the company’s return-to-office (RTO) policy, The Register reported today, citing anonymous sources.
Dell has allowed people to work remotely for over 10 years. But in February, it issued an RTO mandate, and come May 13, most workers will be classified as either totally remote or hybrid. Starting this month, hybrid workers have to go into a Dell office at least 39 days per quarter. Fully remote workers, meanwhile, are ineligible for promotion, Business Insider reported in March.
Now The Register reports that Dell will track employees’ badge swipes and VPN connections to confirm that workers are in the office for a significant amount of time.
An unnamed source told the publication: “This is likely in response to the official numbers about how many of our staff members chose to remain remote after the RTO mandate.”
Dell’s methods for tracking hybrid workers will also reportedly include a color-coding system. The Register reported that Dell “plans to make weekly site visit data from its badge tracking available to employees through the corporation’s human capital management software and to give them color-coded ratings that summarize their status.” From “consistent” to “limited” presence, the colors are blue, green, yellow, and red.
A different person who reportedly works at Dell said that managers hadn’t shown consistency regarding how many red flags they would consider acceptable. The confusion led the source to tell The Register, “It’s a shit show here.”
An unnamed person reportedly “familiar with Dell” claimed that those failing to show up to a Dell office frequently enough will be referred to Dell COO Jeff Clarke.
Dell’s about-face
Ironically, Clarke used to support the idea of fully remote work post-pandemic. In 2020, he said:
After all of this investment to enable remote everything, we will never go back to the way things were before. Here at Dell, we expect, on an ongoing basis, that 60 percent of our workforce will stay remote or have a hybrid schedule where they work from home mostly and come into the office one or two days a week.
It’s unclear exactly how many of Dell’s workers are remote. The Register reported today that approximately 50 percent of Dell’s US workers are remote, compared to 66 percent of international workers. In March, an anonymous source told Business Insider that 10–15 percent of every team at Dell was remote.
Michael Dell, Dell’s CEO and founder, also used to support remote work and penned a blog in 2022 saying that Dell “found no meaningful differences for team members working remotely or office-based even before the pandemic forced everyone home.”
Some suspect Dell’s suddenly stringent office policy is an attempt to force people to quit so that the company can avoid layoffs. In 2023, Dell laid off 13,000 people, per regulatory filings [PDF].
Dell didn’t respond to Ars’ request for comment. In a statement to The Register, a representative said that Dell believes “in-person connections paired with a flexible approach are critical to drive innovation and value differentiation.”
Questionable policies
News of Dell’s upcoming tracking methods comes amid growing concern about the potentially invasive and aggressive tactics companies have implemented as workers resist RTO policies. Meta, Amazon, Google, and JPMorgan Chase have all reportedly tracked in-office badge swipes. TikTok reportedly launched an app to track badge swipes and to ask workers why they weren’t in the office on days that they were expected to be.
However, the efficacy of RTO mandates is questionable. An examination of 457 companies on the S&P 500 list released in February concluded that RTO mandates don’t drive company value but instead negatively affect worker morale. Analysis of survey data from more than 18,000 working Americans released in March found that flexible workplace policies, including the ability to work remotely completely or part-time and flexible schedules, can help employees’ mental health.
In 1984, the year 2000 was so promising, students made entire games promising to take you there.
Radio Student
Software is almost impossibly easy to download, distribute, and access compared to 40 years ago. Everything is bigger, faster, and more flexible, but there’s a certain charm to the ways of diskettes and cassettes that is hard to recapture. That doesn’t mean we can’t try.
By the time you read this, it’s likely that Kontrabant 2 will have already hit the airwaves on Radio Študent in Slovenia. At 9:30 pm Slovenia time (UTC+2 in Daylight Savings Time), if you are tuned to 89.3 FM, hitting record on a cassette tape will capture a buzzing sound that will run until just over 50KB have been transmitted. If all went well, you can load the tape into your working ZX Spectrum or bring it to the Computer History Museum in Slovenia and use theirs to try it out.
reposted it on his personal site. Kontrabant, which is text-only, has the player travel about the country (“and beyond!”) to collect all the parts of a ZX Spectrum. You meet famous smugglers from Slovene history, get a picture of yourself so you can leave the country for certain parts, and at one point obtain an Austrian porn magazine, which, in typical adventure game style, is later traded for something else.
Kontrabant2, from 1984, added the kinds of garish colors and flashing graphics that ZX Spectrum enthusiasts can recognize from a hundred yards away. This time you’re trying “to make your way to the year 2000 and to the amazing computers of the future,” Vince writes, and the game layers in political and social subtext and critiques throughout the journey. Also, the original Radio Študent cassette tape version had punk rock songs by “the Kontra Band” on it, which is neat as heck.
Kontrabant and its sequel were written by Žiga Turk and Matevž Kmet, students at the time, who are talking about the games and the times at the Computer History Museum Slovenia today. If you have a chance to visit that place, I think you should do so, given the impressive number of working vintage computers listed. Turk would go on to found Moj mikro magazine, a monthly computer magazine running from 1984 to 2015. He started the Virtual Shareware Library, which later became shareware.com (now a Digital Trends site I don’t quite recognize), and WODA, the Web Oriented Database. He’s now a professor of construction informatics in Ljubljana, Slovenia.
You can play Kontrabant 2 on the Internet Archive’s emulator if you can read or translate Serbian and understand the text prompts. YouTube lacks a playthrough of the game with graphics, though a later port to a native platform, the Iskra Delta Partner, is available in Apple-II-ish green-on-black.
A still image of a robotic quadruped armed with a remote weapons system, captured from a video provided by Onyx Industries.
The United States Marine Forces Special Operations Command (MARSOC) is currently evaluating a new generation of robotic “dogs” developed by Ghost Robotics, with the potential to be equipped with gun systems from defense tech company Onyx Industries, reports The War Zone.
While MARSOC is testing Ghost Robotics’ quadrupedal unmanned ground vehicles (called “Q-UGVs” for short) for various applications, including reconnaissance and surveillance, it’s the possibility of arming them with weapons for remote engagement that may draw the most attention. But it’s not unprecedented: The US Marine Corps has also tested robotic dogs armed with rocket launchers in the past.
MARSOC is currently in possession of two armed Q-UGVs undergoing testing, as confirmed by Onyx Industries staff, and their gun systems are based on Onyx’s SENTRY remote weapon system (RWS), which features an AI-enabled digital imaging system and can automatically detect and track people, drones, or vehicles, reporting potential targets to a remote human operator that could be located anywhere in the world. The system maintains a human-in-the-loop control for fire decisions, and it cannot decide to fire autonomously.
On LinkedIn, Onyx Industries shared a video of a similar system in action.
In a statement to The War Zone, MARSOC states that weaponized payloads are just one of many use cases being evaluated. MARSOC also clarifies that comments made by Onyx Industries to The War Zone regarding the capabilities and deployment of these armed robot dogs “should not be construed as a capability or a singular interest in one of many use cases during an evaluation.” The command further stresses that it is aware of and adheres to all Department of Defense policies concerning autonomous weapons.
The rise of robotic unmanned ground vehicles
An unauthorized video of a gun bolted onto a $3,000 Unitree robodog spread quickly on social media in July 2022 and prompted a response from several robotics companies.
Alexander Atamanov
The evaluation of armed robotic dogs reflects a growing interest in small robotic unmanned ground vehicles for military use. While unmanned aerial vehicles (UAVs) have been remotely delivering lethal force under human command for at least two decades, the rise of inexpensive robotic quadrupeds—some available for as little as $1,600—has led to a new round of experimentation with strapping weapons to their backs.
In July 2022, a video of a rifle bolted to the back of a Unitree robodog went viral on social media, eventually leading Boston Robotics and other robot vendors to issue a pledge that October to not weaponize their robots (with notable exceptions for military uses). In April, we covered a Unitree Go2 robot dog, with a flame thrower strapped on its back, on sale to the general public.
The prospect of deploying armed robotic dogs, even with human oversight, raises significant questions about the future of warfare and the potential risks and ethical implications of increasingly autonomous weapons systems. There’s also the potential for backlash if similar remote weapons systems eventually end up used domestically by police. Such a concern would not be unfounded: In November 2022, we covered a decision by the San Francisco Board of Supervisors to allow the San Francisco Police Department to use lethal robots against suspects.
There’s also concern that the systems will become more autonomous over time. As The War Zone’s Howard Altman and Oliver Parken describe in their article, “While further details on MARSOC’s use of the gun-armed robot dogs remain limited, the fielding of this type of capability is likely inevitable at this point. As AI-enabled drone autonomy becomes increasingly weaponized, just how long a human will stay in the loop, even for kinetic acts, is increasingly debatable, regardless of assurances from some in the military and industry.”
While the technology is still in the early stages of testing and evaluation, Q-UGVs do have the potential to provide reconnaissance and security capabilities that reduce risks to human personnel in hazardous environments. But as armed robotic systems continue to evolve, it will be crucial to address ethical concerns and ensure that their use aligns with established policies and international law.
Prediction of the structure of a coronavirus Spike protein from a virus that causes the common cold.
Google DeepMind
Most of the activities that go on inside cells—the activities that keep us living, breathing, thinking animals—are handled by proteins. They allow cells to communicate with each other, run a cell’s basic metabolism, and help convert the information stored in DNA into even more proteins. And all of that depends on the ability of the protein’s string of amino acids to fold up into a complicated yet specific three-dimensional shape that enables it to function.
Up until this decade, understanding that 3D shape meant purifying the protein and subjecting it to a time- and labor-intensive process to determine its structure. But that changed with the work of DeepMind, one of Google’s AI divisions, which released AlphaFold in 2021, and a similar academic effort shortly afterward. The software wasn’t perfect; it struggled with larger proteins and didn’t offer high-confidence solutions for every protein. But many of its predictions turned out to be remarkably accurate.
Even so, these structures only told half of the story. To function, almost every protein has to interact with something else—other proteins, DNA, chemicals, membranes, and more. And, while the initial version of AlphaFold could handle some protein-protein interactions, the rest remained black boxes. Today, DeepMind is announcing the availability of version 3 of AlphaFold, which has seen parts of its underlying engine either heavily modified or replaced entirely. Thanks to these changes, the software now handles various additional protein interactions and modifications.
Changing parts
The original AlphaFold relied on two underlying software functions. One of those took evolutionary limits on a protein into account. By looking at the same protein in multiple species, you can get a sense for which parts are always the same, and therefore likely to be central to its function. That centrality implies that they’re always likely to be in the same location and orientation in the protein’s structure. To do this, the original AlphaFold found as many versions of a protein as it could and lined up their sequences to look for the portions that showed little variation.
Doing so, however, is computationally expensive since the more proteins you line up, the more constraints you have to resolve. In the new version, the AlphaFold team still identified multiple related proteins but switched to largely performing alignments using pairs of protein sequences from within the set of related ones. This probably isn’t as information-rich as a multi-alignment, but it’s far more computationally efficient, and the lost information doesn’t appear to be critical to figuring out protein structures.
Using these alignments, a separate software module figured out the spatial relationships among pairs of amino acids within the target protein. Those relationships were then translated into spatial coordinates for each atom by code that took into account some of the physical properties of amino acids, like which portions of an amino acid could rotate relative to others, etc.
In AlphaFold 3, the prediction of atomic positions is handled by a diffusion module, which is trained by being given both a known structure and versions of that structure where noise (in the form of shifting the positions of some atoms) has been added. This allows the diffusion module to take the inexact locations described by relative positions and convert them into exact predictions of the location of every atom in the protein. It doesn’t need to be told the physical properties of amino acids, because it can figure out what they normally do by looking at enough structures.
(DeepMind had to train on two different levels of noise to get the diffusion module to work: one in which the locations of atoms were shifted while the general structure was left intact and a second where the noise involved shifting the large-scale structure of the protein, thus affecting the location of lots of atoms.)
During training, the team found that it took about 20,000 instances of protein structures for AlphaFold 3 to get about 97 percent of a set of test structures right. By 60,000 instances, it started getting protein-protein interfaces correct at that frequency, too. And, critically, it started getting proteins complexed with other molecules right, as well.
Huawei’s Intel-powered Matebook X Pro has drawn criticism from US China hawks.
Huawei
The US crackdown on exports to Huawei now includes even stronger restrictions than the company has already faced. The Financial Times reports that Intel and Qualcomm have had their Huawei export licenses revoked, so Huawei will no longer be able to buy chips from either company.
The export ban has been around since 2020 and means that any company wishing to ship parts to Huawei must get approval from the government on a case-by-case basis. Sometimes these come with restrictions, like Qualcomm’s license, which allowed it to ship smartphone chips to Huawei, but not “5G” chips. That led to Qualcomm creating special 4G-only versions of its 5G chips for Huawei, and the company ended up with 4G-only Snapdragon 888 phones in 2021.
Since then, Huawei has been working on its own Arm chips from its chip design division, HiSilicon. In April, the Huawei Pura 70 smartphone launched with an in-house HiSilicon Kirin 9010 SoC made at SMIC, a Chinese chip fab that is also facing export restrictions. With what is probably still a 7 nm manufacturing process, it’s more of a 2020 chip than a 2024 chip, but that’s still fast enough for many use cases.
Assuming HiSilicon can make enough smartphone chips, the loss of Qualcomm chips isn’t a huge deal right now. Qualcomm seemed to know Huawei has moved beyond it, too, saying in a recent SEC filing, “We do not expect to receive product revenues from Huawei beyond the current calendar year.” Huawei is roaring back to life in the Chinese smartphone market, thanks to HiSilicon chips and preferences for locally made goods.
Huawei’s new laptop looks thin, light, and premium.
Intel is going to be a bigger problem and was probably the reason for this latest export change. Intel has controversially had a license to ship Huawei laptop chips since 2020, so Huawei’s laptop business hasn’t been hurting much. Just in April, the 2024 Huawei Matebook X Pro launched with Intel’s latest “Meteor Lake” Core Ultra 9 Processor. It looks like a top-tier laptop, with a 14-inch, 120 Hz OLED display, fingerprint reader, all the latest Wi-Fi connectivity, Windows 11 (Microsoft also has approval), and an aluminum body. Thanks to the Intel chip, it also has much-hyped “on-board AI processing.”
Shortly after launch, Reuters reported that Republican lawmakers were unhappy about Intel’s involvement with Huawei’s premium laptop, particularly because of its ability to enable nebulous “AI” features. The US recently passed new restrictions on shipping AI chips to China, but that was around more serious Nvidia AI server chips like the H200, which powers most of the generative AI industry. The hype around AI also means most consumer gear comes with some kind of “AI” marketing angle nowadays, and apparently that was enough to send lawmakers back to the drawing board.
If it feels like you’ve heard of a thousand Huawei export ban expansions that don’t seem very effective, you’re not alone. That Reuters report quotes Congressman Michael McCaul (R-Texas) with the same feeling: “These approvals must stop. Two years ago, I was told licenses to Huawei would stop. Today, it doesn’t seem as though the policy has changed.” The policy has changed, like when new licenses stopped being issued in 2023, but that apparently didn’t involve revoking existing licenses. Profit-first US companies are fighting these bans every step of the way, since a Huawei contract can represent millions of dollars. Huawei can also see all of this coming and is doing its best to adjust.
Assuming this latest restriction finally does the trick, with no Intel chips, Huawei’s laptop business will surely suffer once it runs out of its current stockpile. With ARM laptops becoming more and more popular, though, maybe the next step for Huawei’s laptop division is a HiSilicon laptop. Such a laptop would probably be very slow, but it would be better than nothing.
Most scammers and cybercriminals operate in the digital shadows and don’t want you to know how they make money. But that’s not the case for the Yahoo Boys, a loose collective of young men in West Africa who are some of the web’s most prolific—and increasingly dangerous—scammers.
Thousands of people are members of dozens of Yahoo Boy groups operating across Facebook, WhatsApp, and Telegram, a WIRED analysis has found. The scammers, who deal in types of fraud that total hundreds of millions of dollars each year, also have dozens of accounts on TikTok, YouTube, and the document-sharing service Scribd that are getting thousands of views.
Inside the groups, there’s a hive of fraudulent activity with the cybercriminals often showing their faces and sharing ways to scam people with other members. They openly distribute scripts detailing how to blackmail people and how to run sextortion scams—that have driven people to take their own lives—sell albums with hundreds of photographs, and advertise fake social media accounts. Among the scams, they’re also using AI to create fake “nude” images of people and real-time deepfake video calls.
The Yahoo Boys don’t disguise their activity. Many groups use “Yahoo Boys” in their name as well as other related terms. WIRED’s analysis found 16 Yahoo Boys Facebook groups with almost 200,000 total members, a dozen WhatsApp channels, around 10 Telegram channels, 20 TikTok accounts, a dozen YouTube accounts, and more than 80 scripts on Scribd. And that’s just the tip of the iceberg.
Broadly, the companies do not allow content on their platforms that encourages or promotes criminal behavior. The majority of the Yahoo Boys accounts and groups WIRED identified were removed after we contacted the companies about the groups’ overt existence. Despite these removals, dozens more Yahoo Boys groups and accounts remain online.
“They’re not hiding under different names,” says Kathy Waters, the co-founder and executive director of the nonprofit Advocating Against Romance Scammers, which has tracked the Yahoo Boys for years. Waters says the social media companies are essentially providing the Yahoo Boys with “free office space” to organize and conduct their activities. “They’re selling scripts, selling photos, identifications of people, all online, all on the social media platforms,” she says. “Why these accounts still remain is beyond me.”
The Yahoo Boys aren’t a single, organized group. Instead, they’re a collection of thousands of scammers who work individually or in clusters. Often based in Nigeria, their name comes from formerly targeting users of Yahoo services, with links back to the Nigerian Prince email scams of old. Groups in West Africa can often be organized in various confraternities, which are cultish gangs.
“Yahoo is a set of knowledge that allows you to conduct scams,” says Gary Warner, the director of intelligence at DarkTower and director of the University of Alabama at Birmingham’s Computer Forensics Research Laboratory. While there are different levels of sophistication of Yahoo Boys, Warner says, many simply operate from their phones. “Most of these threat actors are only using one device,” he says.
The Yahoo Boys run dozens of scams—from romance fraud to business email compromise. When making contact with potential victims, they’ll often “bomb” people by sending hundreds of messages to dating app accounts or Facebook profiles. “They will say anything they can in order to get the next dime in their pocket,” Waters says.
Searching for the Yahoo Boys on Facebook brings up two warnings: Both say the results may be linked to fraudulent activity, which isn’t allowed on the website. Clicking through the warnings reveals Yahoo Boy groups with thousands of members—one had more than 70,000.
Within the groups—alongside posts selling SIM cards and albums with hundreds of pictures—many of the scammers push people toward other messaging platforms such as Meta’s WhatsApp or Telegram. Here, the Yahoo Boys are at their most bold. Some groups and channels on the two platforms receive hundreds of posts per day and are part of their wider web of operations.
After WIRED asked Facebook about the 16 groups we identified, the company removed them, and some WhatsApp groups were deactivated. “Scammers use every platform available to them to defraud people and constantly adapt to avoid getting caught,” says Al Tolan, a Meta spokesperson. They did not directly address the accounts that were removed or that they were easy to find. “Purposefully exploiting others for money is against our policies, and we take action when we become aware of it,” Tolan says. “We continue to invest in technology and cooperate with law enforcement so they can prosecute scammers. We also actively share tips on how people can protect themselves, their accounts, and avoid scams.”
Groups on Telegram were removed after WIRED messaged the company’s press office; however, the platform did not respond about why it had removed them.
Across all types of social media, Yahoo Boys scammers share “scripts” that they use to socially manipulate people—these can run to thousands of words long and can be copied and pasted to different victims. Many have been online for years. “I’ve seen some scripts that are 30 and 60 layers deep, before the scammer actually would have to go and think of something else to say,” says Ronnie Tokazowski, the chief fraud fighter at Intelligence for Good, which works with cybercrime victims. “It’s 100 percent how they’ll manipulate the people,” Tokazowski says.
Among the many scams, they pretend to be military officers, people offering “hookups,” the FBI, doctors, and people looking for love. One “good morning” script includes around a dozen messages the scammers can send to their targets. “In a world full of deceit and lies, I feel lucky when see the love in your eyes. Good morning,” one says. But things get much darker.
Artist impression of a glory on exoplanet WASP-76b.
Do rainbows exist on distant worlds? Many phenomena that happen on Earth—such as rain, hurricanes, and auroras—also occur on other planets in our Solar System if the conditions are right. Now we have evidence from outside our Solar System that one particularly strange exoplanet might even be displaying something close to a rainbow.
Appearing in the sky as a halo of colors, a phenomenon called a “glory” occurs when light hits clouds made up of a homogeneous substance in the form of spherical droplets. It might be the explanation for a mystery regarding observations of exoplanet WASP-76b. This planet, a scorching gas giant that experiences molten iron rain, has also been observed to have more light on its eastern terminator (a line used to separate the day side from the night side) than its western terminator. Why was there more light on one side of the planet?
After observing it with the CHEOPS space telescope, then combining that with previous observations from Hubble, Spitzer, and TESS, a team of researchers from ESA and the University of Bern in Switzerland now think that the most likely reason for the extra light is a glory.
Seeing the light
Over three years, CHEOPS made 23 observations of WASP-76b in both visible and infrared light. These included phase curves, transits, and secondary eclipses. Phase curves are continuous observations that track a planet’s complete revolution and show changes in its phase or the part of its illuminated side that is facing the telescope. The telescope may see more or less of that side as the planet orbits its star. Phase curves can determine the change in the total brightness of the planet and star as the planet orbits.
Secondary eclipses happen when a planet passes behind its host star and is eclipsed by it. The light seen during such an eclipse can later be compared with the total light both before and after the occultation to give us a sense of the light that’s reflected off the planet. Hot Jupiters like WASP-76b are commonly observed through secondary eclipses.
Phase-curve observations can continue while the planet is eclipsing its star. While it was observing the phase curve of WASP-76b, CHEOPS saw a pre-eclipse excess of light on its night side. This had also been seen in TESS phase-curve and secondary-eclipse observations that had been made earlier.
End of the rainbow?
An advantage of WASP-76b is that it is an ultra-hot Jupiter, so at least its day side does not have the clouds and hazes that often obscure the atmospheres of cooler hot Jupiters. This makes atmospheric emissions much easier to detect. That we had already observed an asymmetry in iron content between the day-side and night-side terminators, discovered in a previous study, made the planet especially intriguing. There was not much gaseous iron in the upper atmosphere of the day-side limb compared to that of the night-side limb. This is probably because it rains iron on the day side of WASP-76b, which then condenses into clouds of iron on the night side.
Observations from Hubble suggested that thermal inversion—when the air near the surface of a planet begins cooling—was occurring on the night side. Cooling on that side would cause iron that had previously condensed into clouds, rained down onto the day side, and then evaporated from the intense heat to condense again. Drops of liquid iron can then form clouds.
These clouds are critical since light from the host star, reflecting off these drops in those clouds, can create the effect of a glory.
“Explaining the observation with the glory effect would require spherical droplets of highly reflective, spherically shaped aerosols and clouds on the planet’s eastern hemisphere,” the researchers said in a paper recently published in Astronomy & Astrophysics.
Glories have been seen off Earth before. They are also known to form in the clouds of Venus. Just like WASP-76b, more pre-eclipse light was observed on Venus, so while a glory is all but definite for the exoplanet, future observations with a more powerful telescope could help determine how similar the phenomenon on WASP-76b is to that on Venus. If they match, this will be the first glory ever observed on an exoplanet.
If future research figures out a definite way to tell whether this is really a glory, these phenomena could tell us more about the atmospheric makeup of exoplanets, depending on the kinds of elements or molecules light is reflecting off of. They might even give away the presence of water, which could mean habitability. While the hypothesized glory on WASP-76b has not been definitively demonstrated, it is anything but a rainbow in the dark.
Translating human-readable domain names into numerical IP addresses has long been fraught with gaping security risks. After all, lookups are rarely end-to-end encrypted. The servers providing domain name lookups provide translations for virtually any IP address—even when they’re known to be malicious. And many end-user devices can easily be configured to stop using authorized lookup servers and instead use malicious ones.
Microsoft on Friday provided a peek at a comprehensive framework that aims to sort out the Domain Name System (DNS) mess so that it’s better locked down inside Windows networks. It’s called ZTDNS (zero trust DNS). Its two main features are (1) encrypted and cryptographically authenticated connections between end-user clients and DNS servers and (2) the ability for administrators to tightly restrict the domains these servers will resolve.
Clearing the minefield
One of the reasons DNS has been such a security minefield is that these two features can be mutually exclusive. Adding cryptographic authentication and encryption to DNS often obscures the visibility admins need to prevent user devices from connecting to malicious domains or detect anomalous behavior inside a network. As a result, DNS traffic is either sent in clear text or it’s encrypted in a way that allows admins to decrypt it in transit through what is essentially an adversary-in-the-middle attack.
Admins are left to choose between equally unappealing options: (1) route DNS traffic in clear text with no means for the server and client device to authenticate each other so malicious domains can be blocked and network monitoring is possible, or (2) encrypt and authenticate DNS traffic and do away with the domain control and network visibility.
ZTDNS aims to solve this decades-old problem by integrating the Windows DNS engine with the Windows Filtering Platform—the core component of the Windows Firewall—directly into client devices.
Jake Williams, VP of research and development at consultancy Hunter Strategies, said the union of these previously disparate engines would allow updates to be made to the Windows firewall on a per-domain name basis. The result, he said, is a mechanism that allows organizations to, in essence, tell clients “only use our DNS server, that uses TLS, and will only resolve certain domains.” Microsoft calls this DNS server or servers the “protective DNS server.”
By default, the firewall will deny resolutions to all domains except those enumerated in allow lists. A separate allow list will contain IP address subnets that clients need to run authorized software. Key to making this work at scale inside an organization with rapidly changing needs. Networking security expert Royce Williams (no relation to Jake Williams) called this a “sort of a bidirectional API for the firewall layer, so you can both trigger firewall actions (by input to the firewall), and trigger external actions based on firewall state (output from the firewall). So instead of having to reinvent the firewall wheel if you are an AV vendor or whatever, you just hook into WFP.”
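The default-deny behaviour described above can be sketched as a small policy model. This is an added illustration, not Microsoft's code or any Windows API: the class, its method names, the subdomain-matching rule, and the sample domains and addresses are all assumptions constructed for the example.

```python
import ipaddress


class ZeroTrustDnsModel:
    """Simplified model: resolution and egress are denied unless allow-listed."""

    def __init__(self, allowed_domains, allowed_subnets, zone_data):
        self.allowed_domains = {d.lower().rstrip(".") for d in allowed_domains}
        self.allowed_subnets = [ipaddress.ip_network(s) for s in allowed_subnets]
        # zone_data stands in for the answers held by the protective DNS server.
        self.zone_data = {k.lower(): v for k, v in zone_data.items()}
        # Addresses that earned a firewall exception through an allowed lookup.
        self.resolved_ips = set()

    def _domain_allowed(self, name):
        # Assumption of this model: an entry also covers its subdomains.
        name = name.lower().rstrip(".")
        return any(name == d or name.endswith("." + d)
                   for d in self.allowed_domains)

    def resolve(self, name):
        """Return answers only for allow-listed names and record exceptions."""
        if not self._domain_allowed(name):
            return []  # the protective server refuses to resolve it
        answers = self.zone_data.get(name.lower().rstrip("."), [])
        self.resolved_ips.update(ipaddress.ip_address(a) for a in answers)
        return answers

    def connection_allowed(self, dest_ip):
        """Decide an outbound connection; returns (allowed, reason)."""
        ip = ipaddress.ip_address(dest_ip)
        if ip in self.resolved_ips:
            return True, "resolved via protective DNS"
        if any(ip in net for net in self.allowed_subnets):
            return True, "allow-listed subnet"
        return False, "default deny"


def build_sample_model():
    # Constructed sample data using documentation-reserved names and ranges.
    return ZeroTrustDnsModel(
        allowed_domains=["intranet.example.com"],
        allowed_subnets=["10.20.0.0/16"],
        zone_data={
            "intranet.example.com": ["203.0.113.10"],
            "blocked.example.net": ["198.51.100.7"],
        },
    )
```

The point the model makes visible is ordering: an address is unreachable until an allowed lookup has produced it, so a client that skips the protective server and connects to a hard-coded address falls through to the default deny.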